External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-07 01:17:37 -02:30
Code Issues Packages Projects Releases Wiki Activity

add vault namespace support

Browse Source
This commit is contained in:
Jérémie Ben Arros
2021-03-16 09:27:22 -04:00
parent d94a49ac74
commit 1550989482
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
awx/main/credential_plugins/hashivault.py
View File

@@ -143,6 +143,9 @@ def approle_auth(**kwargs):
# AppRole Login # AppRole Login
request_kwargs['json'] = {'role_id': role_id, 'secret_id': secret_id} request_kwargs['json'] = {'role_id': role_id, 'secret_id': secret_id}
sess = requests.Session() sess = requests.Session()
# Namespace support
if kwargs.get('namespace'):
sess.headers['X-Vault-Namespace'] = kwargs['namespace']
request_url = '/'.join([url, 'auth', auth_path, 'login']).rstrip('/') request_url = '/'.join([url, 'auth', auth_path, 'login']).rstrip('/')
with CertFiles(cacert) as cert: with CertFiles(cacert) as cert:
request_kwargs['verify'] = cert request_kwargs['verify'] = cert
@@ -170,6 +173,8 @@ def kv_backend(**kwargs):
sess.headers['Authorization'] = 'Bearer {}'.format(token) sess.headers['Authorization'] = 'Bearer {}'.format(token)
# Compatibility header for older installs of Hashicorp Vault # Compatibility header for older installs of Hashicorp Vault
sess.headers['X-Vault-Token'] = token sess.headers['X-Vault-Token'] = token
if kwargs.get('namespace'):
sess.headers['X-Vault-Namespace'] = kwargs['namespace']
if api_version == 'v2': if api_version == 'v2':
if kwargs.get('secret_version'): if kwargs.get('secret_version'):
@@ -228,6 +233,8 @@ def ssh_backend(**kwargs):
sess = requests.Session() sess = requests.Session()
sess.headers['Authorization'] = 'Bearer {}'.format(token) sess.headers['Authorization'] = 'Bearer {}'.format(token)
if kwargs.get('namespace'):
sess.headers['X-Vault-Namespace'] = kwargs['namespace']
# Compatability header for older installs of Hashicorp Vault # Compatability header for older installs of Hashicorp Vault
sess.headers['X-Vault-Token'] = token sess.headers['X-Vault-Token'] = token
# https://www.vaultproject.io/api/secret/ssh/index.html#sign-ssh-key # https://www.vaultproject.io/api/secret/ssh/index.html#sign-ssh-key